package trlygjj.tanruiliyigenjinjin.shiro;

import lombok.Setter;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import trlygjj.tanruiliyigenjinjin.domain.Employee;
import trlygjj.tanruiliyigenjinjin.domain.Role;
import trlygjj.tanruiliyigenjinjin.service.IEmployeeService;
import trlygjj.tanruiliyigenjinjin.service.IPermissionService;
import trlygjj.tanruiliyigenjinjin.service.IRoleService;

import java.util.ArrayList;
import java.util.List;

/**
 * Created by user on 2018/7/12.
 */
//这里采用的是xml的bean的方式创建对象
public class EmployeeRealm extends AuthorizingRealm{
    //配套采用的是Setter方法属性注入
    @Setter
    private IEmployeeService employeeService;
    @Setter
    private IRoleService roleService;
    @Setter
    private IPermissionService permissionService;
    @Override
    public String getName() {
        return "EmployeeRealm";
    }
    //权限
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        Employee employee = (Employee) principals.getPrimaryPrincipal();
        List<String> roles;
        List<String> permissions;
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        if(employee != null){
            if(employee.getAdmin() == Employee.IS_ADMIN){
                //如果是超级管理员就给他所有的权限和角色
                roles = new ArrayList<>();
                permissions = new ArrayList<>();
                List<Role> list = roleService.selectAll();
                if(list != null && list.size() != 0) {
                    for (Role role : list) {
                        roles.add(role.getSn());
                    }
                }
                permissions.add("*:*");
            }else {
                //不是超级管理员就进行查询
                roles = roleService.queryRoleSnByEmployeeId(employee.getId());
                permissions = permissionService.queryPermissionResourceByEmployeeId(employee.getId());
            }
            info.addRoles(roles);
            info.addStringPermissions(permissions);
        }
        return info;
    }
    //验证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        String username = (String) token.getPrincipal();
        Employee employee = employeeService.queryUsername(username);
        if(employee == null){
            return null;
        }
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(
                employee,
                employee.getPassword(),
                getName()
        );
        return info;
    }
    //清除缓存
    public void clearCached(){
        PrincipalCollection principals = SecurityUtils.getSubject().getPrincipals();
        super.clearCache(principals);
    }
}
